package com.leedsoft.config;

import com.leedsoft.spittr.model.User;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.core.Authentication;

import java.io.Serializable;

/**
 * Created by leeds on 2017/11/13.
 * 声明用于支持spring security保护方法表达式hasPermission()的PermissionEvaluator
 */
public class TestPermissionEvaluator implements PermissionEvaluator{
    @Override
    public boolean hasPermission(Authentication authentication, Object targetDomainObject, Object permission) {
        if (targetDomainObject instanceof User) {
             User u = (User) targetDomainObject;
             if ("back".equals(permission) && u.getAge() != null && u.getAge() > 10) {
                 return true;
             }
             return false;
        }
        throw new UnsupportedOperationException("不支持的对象类型");
    }

    @Override
    public boolean hasPermission(Authentication authentication, Serializable targetId, String targetType, Object permission) {
        throw new UnsupportedOperationException();
    }
}
